+ return new ModelAndView("policy_Editor", "model", model);
+ }
+
+ /**
+ * Read the role from session for inserting into the database.
+ *
+ * @param request Request input for Role.
+ */
+ public void getUserRoleFromSession(HttpServletRequest request) {
+ // While user landing on Policy page, fetch the userId and Role from
+ // session.
+ // And, Query the Roles table and if user not exists or else modified
+ // update the Roles table.
+ List<String> roles;
+ List<String> newRoles = new ArrayList<>();
+ String userId = UserUtils.getUserSession(request).getOrgUserId();
+ String name = UserUtils.getUserSession(request).getFullName();
+ @SuppressWarnings("unchecked")
+ Set<UserApp> userApps = UserUtils.getUserSession(request).getUserApps();
+ for (UserApp userApp : userApps) {
+ newRoles.add(userApp.getRole().getName());
+ }
+ List<Object> userRoles = getRoles(userId);
+ List<String> filteredRoles = filterRole(newRoles);
+ if (!filteredRoles.isEmpty()) {
+ cleanUpRoles(filteredRoles, userId);
+ }
+ for (String filteredRole : filteredRoles) {
+ if (userRoles == null || userRoles.isEmpty()) {
+ savePolicyRoles(name, filteredRole, userId);
+ } else {
+ userRoles = getRoles(userId);
+ Pair<Set<String>, List<String>> pair = org.onap.policy.utils.UserUtils.checkRoleAndScope(userRoles);
+ roles = pair.second;
+ if (!roles.contains(filteredRole)) {
+ savePolicyRoles(name, filteredRole, userId);
+ }
+ }
+ }
+ }
+
+ /**
+ * Build a delete query for cleaning up roles and execute it.
+ *
+ * @param filteredRoles Filtered roles list.
+ * @param userId UserID.
+ */
+ private void cleanUpRoles(List<String> filteredRoles, String userId) {
+ StringBuilder query = new StringBuilder();
+ query.append("delete from Roles where loginid = '" + userId + "'");
+ if (filteredRoles.contains(SUPERADMIN)) {
+ query.append("and not role = '" + SUPERADMIN + "'");
+ } else {
+ for (String filteredRole : filteredRoles) {
+ query.append("and not role = '" + filteredRole + "'");
+ }
+ }
+ query.append("and id > 0");
+ commonClassDao.updateQuery(query.toString());
+ }
+
+ /**
+ * Save the Role to DB.
+ *
+ * @param name User Name.
+ * @param filteredRole Role Name.
+ * @param userId User LoginID.
+ */
+ private void savePolicyRoles(String name, String filteredRole, String userId) {
+ UserInfo userInfo = new UserInfo();
+ userInfo.setUserLoginId(userId);
+ userInfo.setUserName(name);
+ commonClassDao.save(userInfo);
+ Roles role = new Roles();
+ role.setName(name);
+ role.setRole(filteredRole);
+ role.setLoginId(userId);
+ commonClassDao.save(role);
+ }
+
+ /**
+ * Filter the list of roles hierarchy wise.
+ *
+ * @param newRoles list of roles from request.
+ * @return
+ */
+ private List<String> filterRole(List<String> newRoles) {
+ List<String> roles = new ArrayList<>();
+ boolean superCheck = false;
+ for (String role : newRoles) {
+ if ("Policy Super Guest".equalsIgnoreCase(role.trim())) {
+ superCheck = true;
+ roles.add("super-guest");
+ } else if ("Policy Super Editor".equalsIgnoreCase(role.trim())) {
+ superCheck = true;
+ roles.clear();
+ roles.add("super-editor");
+ } else if ("Policy Super Admin".equalsIgnoreCase(role.trim())
+ || "System Administrator".equalsIgnoreCase(role.trim())
+ || "Standard User".equalsIgnoreCase(role.trim())) {
+ superCheck = true;
+ roles.clear();
+ roles.add(SUPERADMIN);
+ }
+ if (!roles.contains(SUPERADMIN) || (POLICYGUEST.equalsIgnoreCase(role) && !superCheck)) {
+ if ("Policy Admin".equalsIgnoreCase(role.trim())) {
+ roles.add("admin");
+ } else if ("Policy Editor".equalsIgnoreCase(role.trim())) {
+ roles.add("editor");
+ } else if (POLICYGUEST.equalsIgnoreCase(role.trim())) {
+ roles.add("guest");
+ }
+ }
+ }
+ return roles;